1 |
commit: 60c5e586f621154da0c4fddbe741d4746ee65411 |
2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Aug 23 18:43:06 2021 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Aug 23 18:43:14 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=60c5e586 |
7 |
|
8 |
net-firewall/nftables-1.0.0: Version bump |
9 |
|
10 |
Package-Manager: Portage-3.0.22, Repoman-3.0.3 |
11 |
Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org> |
12 |
|
13 |
net-firewall/nftables/Manifest | 1 + |
14 |
net-firewall/nftables/nftables-1.0.0.ebuild | 179 ++++++++++++++++++++++++++++ |
15 |
2 files changed, 180 insertions(+) |
16 |
|
17 |
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest |
18 |
index f3814d15688..8f09bc4eb7b 100644 |
19 |
--- a/net-firewall/nftables/Manifest |
20 |
+++ b/net-firewall/nftables/Manifest |
21 |
@@ -1,2 +1,3 @@ |
22 |
DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180 |
23 |
DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab |
24 |
+DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014 |
25 |
|
26 |
diff --git a/net-firewall/nftables/nftables-1.0.0.ebuild b/net-firewall/nftables/nftables-1.0.0.ebuild |
27 |
new file mode 100644 |
28 |
index 00000000000..376318f5382 |
29 |
--- /dev/null |
30 |
+++ b/net-firewall/nftables/nftables-1.0.0.ebuild |
31 |
@@ -0,0 +1,179 @@ |
32 |
+# Copyright 1999-2021 Gentoo Authors |
33 |
+# Distributed under the terms of the GNU General Public License v2 |
34 |
+ |
35 |
+EAPI=7 |
36 |
+ |
37 |
+PYTHON_COMPAT=( python3_{7..10} ) |
38 |
+ |
39 |
+inherit autotools linux-info python-r1 systemd |
40 |
+ |
41 |
+DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" |
42 |
+HOMEPAGE="https://netfilter.org/projects/nftables/" |
43 |
+ |
44 |
+if [[ ${PV} =~ ^[9]{4,}$ ]]; then |
45 |
+ inherit git-r3 |
46 |
+ EGIT_REPO_URI="https://git.netfilter.org/${PN}" |
47 |
+ |
48 |
+ BDEPEND=" |
49 |
+ sys-devel/bison |
50 |
+ sys-devel/flex |
51 |
+ " |
52 |
+else |
53 |
+ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" |
54 |
+ KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86" |
55 |
+fi |
56 |
+ |
57 |
+LICENSE="GPL-2" |
58 |
+SLOT="0/1" |
59 |
+IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables" |
60 |
+ |
61 |
+RDEPEND=" |
62 |
+ >=net-libs/libmnl-1.0.4:0= |
63 |
+ >=net-libs/libnftnl-1.2.0:0= |
64 |
+ gmp? ( dev-libs/gmp:0= ) |
65 |
+ json? ( dev-libs/jansson:= ) |
66 |
+ python? ( ${PYTHON_DEPS} ) |
67 |
+ readline? ( sys-libs/readline:0= ) |
68 |
+ xtables? ( >=net-firewall/iptables-1.6.1 ) |
69 |
+" |
70 |
+ |
71 |
+DEPEND="${RDEPEND}" |
72 |
+ |
73 |
+BDEPEND+=" |
74 |
+ doc? ( |
75 |
+ app-text/asciidoc |
76 |
+ >=app-text/docbook2X-0.8.8-r4 |
77 |
+ ) |
78 |
+ virtual/pkgconfig |
79 |
+" |
80 |
+ |
81 |
+REQUIRED_USE=" |
82 |
+ python? ( ${PYTHON_REQUIRED_USE} ) |
83 |
+ libedit? ( !readline ) |
84 |
+" |
85 |
+ |
86 |
+PATCHES=( |
87 |
+ "${FILESDIR}/${PN}-0.9.8-slibtool.patch" |
88 |
+) |
89 |
+ |
90 |
+python_make() { |
91 |
+ emake \ |
92 |
+ -C py \ |
93 |
+ abs_builddir="${S}" \ |
94 |
+ DESTDIR="${D}" \ |
95 |
+ PYTHON_BIN="${PYTHON}" \ |
96 |
+ "${@}" |
97 |
+} |
98 |
+ |
99 |
+pkg_setup() { |
100 |
+ if kernel_is ge 3 13; then |
101 |
+ if use modern-kernel && kernel_is lt 3 18; then |
102 |
+ eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." |
103 |
+ fi |
104 |
+ CONFIG_CHECK="~NF_TABLES" |
105 |
+ linux-info_pkg_setup |
106 |
+ else |
107 |
+ eerror "This package requires kernel version 3.13 or newer to work properly." |
108 |
+ fi |
109 |
+} |
110 |
+ |
111 |
+src_prepare() { |
112 |
+ default |
113 |
+ |
114 |
+ # fix installation path for doc stuff |
115 |
+ sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ |
116 |
+ -i files/nftables/Makefile.am || die |
117 |
+ sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ |
118 |
+ -i files/osf/Makefile.am || die |
119 |
+ |
120 |
+ eautoreconf |
121 |
+} |
122 |
+ |
123 |
+src_configure() { |
124 |
+ local myeconfargs=( |
125 |
+ # We handle python separately |
126 |
+ --disable-python |
127 |
+ --sbindir="${EPREFIX}"/sbin |
128 |
+ $(use_enable debug) |
129 |
+ $(use_enable doc man-doc) |
130 |
+ $(use_with !gmp mini_gmp) |
131 |
+ $(use_with json) |
132 |
+ $(use_with libedit cli editline) |
133 |
+ $(use_with readline cli readline) |
134 |
+ $(use_enable static-libs static) |
135 |
+ $(use_with xtables) |
136 |
+ ) |
137 |
+ econf "${myeconfargs[@]}" |
138 |
+} |
139 |
+ |
140 |
+src_compile() { |
141 |
+ default |
142 |
+ |
143 |
+ if use python; then |
144 |
+ python_foreach_impl python_make |
145 |
+ fi |
146 |
+} |
147 |
+ |
148 |
+src_install() { |
149 |
+ default |
150 |
+ |
151 |
+ if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then |
152 |
+ pushd doc >/dev/null || die |
153 |
+ doman *.? |
154 |
+ popd >/dev/null || die |
155 |
+ fi |
156 |
+ |
157 |
+ local mksuffix="$(usex modern-kernel '-mk' '')" |
158 |
+ |
159 |
+ exeinto /usr/libexec/${PN} |
160 |
+ newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh |
161 |
+ newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} |
162 |
+ newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} |
163 |
+ keepdir /var/lib/nftables |
164 |
+ |
165 |
+ systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service |
166 |
+ |
167 |
+ if use python ; then |
168 |
+ python_foreach_impl python_make install |
169 |
+ python_foreach_impl python_optimize |
170 |
+ fi |
171 |
+ |
172 |
+ find "${ED}" -type f -name "*.la" -delete || die |
173 |
+} |
174 |
+ |
175 |
+pkg_postinst() { |
176 |
+ local save_file |
177 |
+ save_file="${EROOT}/var/lib/nftables/rules-save" |
178 |
+ |
179 |
+ # In order for the nftables-restore systemd service to start |
180 |
+ # the save_file must exist. |
181 |
+ if [[ ! -f "${save_file}" ]]; then |
182 |
+ ( umask 177; touch "${save_file}" ) |
183 |
+ elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then |
184 |
+ ewarn "Your system has dangerous permissions for ${save_file}" |
185 |
+ ewarn "It is probably affected by bug #691326." |
186 |
+ ewarn "You may need to fix the permissions of the file. To do so," |
187 |
+ ewarn "you can run the command in the line below as root." |
188 |
+ ewarn " 'chmod 600 \"${save_file}\"'" |
189 |
+ fi |
190 |
+ |
191 |
+ if has_version 'sys-apps/systemd'; then |
192 |
+ elog "If you wish to enable the firewall rules on boot (on systemd) you" |
193 |
+ elog "will need to enable the nftables-restore service." |
194 |
+ elog " 'systemctl enable ${PN}-restore.service'" |
195 |
+ elog |
196 |
+ elog "If you are creating firewall rules before the next system restart" |
197 |
+ elog "the nftables-restore service must be manually started in order to" |
198 |
+ elog "save those rules on shutdown." |
199 |
+ fi |
200 |
+ if has_version 'sys-apps/openrc'; then |
201 |
+ elog "If you wish to enable the firewall rules on boot (on openrc) you" |
202 |
+ elog "will need to enable the nftables service." |
203 |
+ elog " 'rc-update add ${PN} default'" |
204 |
+ elog |
205 |
+ elog "If you are creating or updating the firewall rules and wish to save" |
206 |
+ elog "them to be loaded on the next restart, use the \"save\" functionality" |
207 |
+ elog "in the init script." |
208 |
+ elog " 'rc-service ${PN} save'" |
209 |
+ fi |
210 |
+} |